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REMARKS 

By the foregoing amendments, Applicants have canceled claims 27-30. They have 
also extensively revised all of the remaining claims except claims 7-9 and 22. In addition to 
making the changes whose purposes are set forth below, Applicants have revised the claims 
so that they now refer to the data describing more than one credential as a credential 
descriptor (singular) rather than as respective credential descriptors (plural). Thus referring 
to those data collectively rather than individually makes no substantive difference, of course, 
but Applicants have made that change so that the claim nomenclature is more consistent 
with the specification's. 

The Examiner has rejected claims 1-6, 10-13, 15, 17-21,25, and 31 under 35 
U.S.C. §112. In response, Applicants have eliminated the occurrences of "the first building 
step," "the second building step," and "the providing step" in the claims in which those 
phrases occurred. They have also replaced "the devices" in claim 8 with "the first and 
second devices." In claims 12 and 15, they have provided antecedent basis for the 
"credentials built" language. In claim 18, they have eliminated the "different credentials" 
language and otherwise eliminated the lack of clarity. Finally, they have revised several 
independent claims' preambles to indicate that the claimed method or apparatus attempts to 
build credentials. 

The Examiner has also rejected all claims under U.S.C. § 102(b) as defining subject 
matter anticipated by U.S. Patent No. 5,546,523 to Gatto. Applicants respectfully request 
that the Examiner reconsider those rejections. 

Applicants have invented an approach to credential building that can be used to 
increase credentialing flexibility for, e.g., servers on a network that control other network 
devices' access to certain resources. Requiring credentials before the server grants access is 
often necessary, but the task of presenting them may be cumbersome. The inventors 
recognized that they could streamline the process by providing a mechanism that would 
enable the system to reap the economies of relative and/or comparative advantage. The 
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device that can most readily obtain certain of the credentials required for a given access, for 
example, may be the server 120 in Applicants' Fig. 1, whereas a client in device 1 15 or 
some other network device may be the one that can most readily obtain others. If the task is 
divided between devices 115 and 120, the credential building can be done more effectively 
than if all the work were done at only one or the other of those devices. 

Independent claims 1, 7, and 31 define this concept. Representative claim 1, for 
example, recites "providing a credential descriptor that describes at least one 
credential not built by the first credential builder to a second credential builder 
included in a second device connected to the network" and "using the second 
credential builder to attempt to build at least one credential described by the 
credential descriptor provided to the second credential builder." 

The Gatto patent, on which the Examiner based the rejections of these claims under 
35 U.S.C. § 102, neither discloses nor suggests the claimed subject matter. True, the Gatto 
arrangement includes a plurality of network devices 10. And each of those devices is 
arranged to receive some type of identifying information. For a given user's request, 
though, all of such information is submitted to the same one of those network devices 10; no 
credential built in one device connected to the network travels over the network to reach 
another device where another credential is being built for the same user's request. As a 
consequence, Gatto 's arrangement cannot maximize efficiency in response to different 
network locations' advantages. Gatto therefore neither discloses nor suggests the subject 
matter of claims 1, 7, or 31, or of the claims that depend on them. 

Moreover, Applicants recognized that it would be advantageous if, e.g., a server 
could choose among the credentials that it would be responsible for building itself. At some 
times, or in response to some requests, it may be preferable for the server to be responsible 
for more credentials than at other times or in response to other requests. Applicants' system 
therefore responds to circumstances by sometimes adding or removing constituent credential 
builders to or from the master credential builder that the server (or other device) employs. It 
similarly adds or removes constituent credential evaluators from the device's master 
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evaluator. Independent claims 17, 21, 22, 25, 26, and 33-35 and the claims that depend on 
them all require adding and/or removing credential builders and/or evaluators; claim 17, for 
example, recites "adding at least one different credential builder to the master 
credential builder to form a modified master credential builder," while claim 33 
recites "forming a modified credential evaluator by adding at least one credential 
evaluator to the master credential evaluator." 

The Examiner has indicated that Gatto describes this concept, citing passages such as 
the one that begins in line 62 of Gatto's column 9 and ending in line 2 of his column 10. 
But that passage and the others that the Examiner cites merely state that different ATMs 
may require different credentials or combinations of them. Gatto does not describe his 
ATM's changing the credential or credential combination that the ATM will build. 
Independent claims 17, 21, 22, 25, 26, and 33-35 and the claims that depend on them 
therefore define patentable subject matter. 

As Applicants' Fig. 2 illustrates, their system facilitates credential-builder and - 
evaluator addition and removal by making the credential builders and evaluators modular. 
That is, every credential builder produces as its output the same type of information that the 
other credential builders take as their inputs, and the credential evaluators are similarly 
modular. As a consequence, modules can readily be inserted into and removed from the 
processing chain. 

Independent claims 1 1, 14, 17, 21, 22, 25, 26, and 32-35 all now include recitations 
directed to such modularity. Claim 14, for example, recites that "the credential builders 
[are] linked in a series in such a manner that the input credential descriptor and set of 
credentials of each credential builder but the first credential builder in the series 
include the output credential descriptor and set of credentials of the preceding 
credential builder." Similarly, claim 35 recites that "the credential evaluators [are] 
linked in a series in such a manner that the input credential descriptor and set of 
credentials of each credential evaluator but the first credential evaluator in the series 



21 



PATENTS 

Attorney Docket No. SMY-233.01 

P4715 



include the output credential descriptor and set of credentials of the preceding 
credential evaluator." Gatto neither discloses nor suggests this concept 

Applicants therefore request that the Examiner reconsider and allow all claims 

remaining in the application. 



Respectfully submitted, 



Date: July 22, 2004 
Customer No: 25181 

Patent Group 
Foley Hoag, LLP 
155 Seaport Blvd. 
Boston, MA 02210-2600 




Joseph H. Batnl^. No. 28,283 
Attorney forlApplicants 
Tel. No. (617) 832-1134 
Fax. No. (617) 832-7000 




22 



